wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 18:22:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
25,241 Commits 12 Branches 184 Tags
760178c7dc3ea905dfdab2daa2e96eb0dac0cf78
Commit Graph

9563 Commits

Author SHA1 Message Date
David Garske
760178c7dc Improvements to no malloc support in ConfirmSignature for async and non-blocking. Refactor DSA ASN.1 decode in ConfirmSignature. Cleanup indent in types.h. Move struct CertSignCtx to types.h. Move WC_ENABLE_ASYM_KEY_IMPORT and WC_ENABLE_ASYM_KEY_EXPORT to settings.h. 2025-05-07 12:06:09 -07:00
Alex Lanzano
bc6b5598c5 Add NO_MALLOC support for wc_CheckCertSigPugKey 2025-05-07 12:04:38 -07:00
David Garske
1e3718ea7b Merge pull request #8655 from SparkiDev/asn1_oid_update 
ASN.1 OIDs and sum: Change algorithm for sum
 2025-05-07 11:43:54 -07:00
JacobBarthelmeh
eae4005884 Merge pull request #8717 from dgarske/renesas_rx_api 
Make wc_tsip_* API's public
 2025-05-07 09:29:05 -06:00
Sean Parkinson
5e5f486a4c Merge pull request #8732 from dgarske/stm32_hash_status 
Fix for STM32 hash status check logic (also fix NO_AES_192 and NO_AES_256)
 2025-05-07 20:56:18 +10:00
Sean Parkinson
4b73e70515 Merge pull request #8706 from dgarske/win_crypt_rng 
New build option to allow reuse of the windows crypt provider handle …
 2025-05-07 20:55:07 +10:00
Sean Parkinson
112351667a ASN.1 OIDs and sum: Change algorithm for sum 
New sum algorithm has no clashes at this time.
Old algorithm enabled by defining: WOLFSSL_OLD_OID_SUM.
New oid_sum.h file generated with scripts/asn1_oid_sum.pl.

Added bunch of OID names into asn1 example.
 2025-05-07 08:32:08 +10:00
Sean Parkinson
d100898e92 Merge pull request #8737 from julek-wolfssl/wc_HKDF_Expand_ex-fix 
wc_HKDF_Expand_ex: correctly advance the index
 2025-05-07 08:23:33 +10:00
David Garske
05a3557b2b Merge pull request #8703 from lealem47/zd19592 
Attempt wolfssl_read_bio_file in read_bio even when XFSEEK is available
 2025-05-06 14:42:19 -07:00
David Garske
d04ab3757e New build option WIN_REUSE_CRYPT_HANDLE to allow reuse of the windows crypt provider handle. Seeding happens on any new RNG or after WC_RESEED_INTERVAL. If using threads make sure wolfSSL_Init() or wolfCrypt_Init() is called before spinning up threads. ZD 19754. Fixed minor implicit cast warnings in internal.c. Add missing hpke.c to wolfssl VS project. 2025-05-06 14:38:02 -07:00
Juliusz Sosinowicz
d82d8a53ef wc_HKDF_Expand_ex: correctly advance the index 2025-05-06 13:47:54 +02:00
Sean Parkinson
428915e492 Merge pull request #8719 from philljj/coverity_april_2025 
Fix coverity warnings
 2025-05-06 10:11:27 +10:00
Sean Parkinson
dfec168402 Merge pull request #8721 from philljj/coverity_misc 
Coverity misc
 2025-05-06 10:04:53 +10:00
David Garske
c2f1563144 Merge pull request #8726 from kareem-wolfssl/zd19786 
Pass in correct hash type to wolfSSL_RSA_verify_ex.
 2025-05-05 15:38:41 -07:00
David Garske
751dcdf3df Improve the hash wait logic by separating the data input ready from the digest calculation complete. 2025-05-05 14:36:36 -07:00
David Garske
0f4ce03c28 Fixes for NO_AES_192 and NO_AES_256. Added CI test. Fixed bad BUILD_ logic for ADH-AES256-GCM-SHA384. 2025-05-05 14:36:36 -07:00
David Garske
e487685d7d Fix for STM32 Hashing status bit checking logic. ZD 19783. The digest calculation was indicating "not busy" before digest result (DCIS) was finished. This did not show up on most systems because the computation is usually done by the time it reads. 2025-05-05 14:36:36 -07:00
David Garske
3d4e89c2ca Make wc_tsip_* API's public. 2025-05-05 14:02:05 -07:00
Kareem
aad15b27a2 Pass in correct hash type to wolfSSL_RSA_verify_ex. 2025-05-05 11:58:26 -07:00
jordan
efd5405d0e coverity: fix check_after_deref, assignment_where_comparison_intended, uninit vars, return values, etc. 2025-05-05 13:18:29 -05:00
jordan
baa7efa8af Fix coverity uninit var warnings, add missing priv key ForceZero. 2025-05-05 13:14:39 -05:00
Sean Parkinson
3acf3ef3c5 RISC-V 64-bit: fix raw hash when using crypto instructions 
./configure CC=riscv64-linux-gnu-gcc --host=riscv64 --disable-shared LDFLAGS=--static --enable-riscv-asm=zvkned
Digest state is not always stored in a way that can be directly copied out.
 2025-05-03 08:42:17 +10:00
Daniel Pouzzner
4450167ab0 Merge pull request #8707 from philljj/register_dh 
linuxkm: register dh and ffdhe.
 2025-04-28 23:00:17 -05:00
jordan
f6f3b0a1ee linuxkm: register dh and ffdhe. 2025-04-25 21:21:26 -05:00
David Garske
3a1178f71c Fix for STM32 Hash with NVIC (IRQ) enabled that can cause a DINIS interrupt that does not get cleared. If the HASH NVIC tab has Interrupts enabled it can cause an IRQ to be triggered that is not cleared. This is because the wolfSSL implementation of STM32 Hash does not call the HAL HASH API's and does not use interrupts yet. ZD 19778 2025-04-23 13:55:57 -07:00
JacobBarthelmeh
c22505a71a Merge pull request #8700 from embhorn/rel_fixes_cs 
Fixes from CodeSonar report
 2025-04-23 11:36:15 -06:00
Lealem Amedie
5fe086b388 Skip PKCS8 header check in wc_CreatePKCS8Key with WOLFSSL_NO_ASN_STRICT 2025-04-22 16:58:04 -06:00
Daniel Pouzzner
d4fc8c3791 linuxkm/: null out pointers with PTR_ERR()-encoded values before jumping to cleanup; 
linuxkm/lkcapi_rsa_glue.c: in km_rsa_init(), implement error-path cleanup;

linuxkm/module_hooks.c: nix CONFIG_MODULE_SIG requirement in WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE builds;

wolfssl/wolfcrypt/settings.h: in WOLFSSL_LINUXKM setup, define WOLFSSL_ASN_INT_LEAD_0_ANY if LINUXKM_LKCAPI_REGISTER (required for kernel 5.10 crypto manager);

wolfcrypt/src/memory.c: add WC_NO_ERR_TRACE() to mock error returns in SAVE_VECTOR_REGISTERS2_fuzzer().
 2025-04-22 16:44:07 -05:00
Eric Blankenhorn
66b9256f86 Fixes from CodeSonar report 2025-04-22 14:43:01 -05:00
Daniel Pouzzner
25cd009a42 Merge pull request #8695 from JacobBarthelmeh/coverity 
null derefernce sanity checks and control flow issue
 2025-04-22 11:37:51 -05:00
Daniel Pouzzner
9e5c064d5d Merge pull request #8679 from kojiws/keep_header_on_pkcs12_parse 
Add wc_PKCS12_parse_ex() to keep PKCS8 header
 2025-04-19 01:57:21 -05:00
Daniel Pouzzner
543ba268a4 Merge pull request #8558 from julek-wolfssl/openssh-9.9-fix 
wolfSSL_EVP_PKEY_cmp: only compare the public keys
 2025-04-19 01:51:49 -05:00
JacobBarthelmeh
69a4607f84 null sanity check on arguments in wc_HpkeContextComputeNonce, CID 515543 2025-04-18 16:47:36 -06:00
Daniel Pouzzner
8c0b931459 Merge pull request #8652 from kareem-wolfssl/zd19563_2 
Add some FPKI test OIDs which are currently being used in DoD JITC certificates.
 2025-04-18 14:04:29 -05:00
Koji Takeda
039ff1b460 Add wc_PKCS12_parse_ex() 2025-04-18 06:39:16 +09:00
Kareem
645da33176 Fix unused function warning for wc_AesDecrypt when building with STM32. 
This function is not needed for AES-CCM, as the AES-CCM decrypt function only calls wc_AesEncrypt.
 2025-04-17 14:33:44 -07:00
Kareem
038eab61d0 Add additional FPKI test OIDs. 2025-04-17 11:29:36 -07:00
Kareem
00a6c3953c Add some FPKI test OIDs which are currently being used in DoD JITC certificates. 2025-04-17 11:10:35 -07:00
Daniel Pouzzner
5b3e19c1b6 Merge pull request #8686 from miyazakh/oid_collision 
fix OID collision
 2025-04-17 00:54:04 -05:00
Daniel Pouzzner
90f30fd15e Merge pull request #8623 from SparkiDev/lms_kid_from_privraw 
LMS: add API to get Key ID from raw private key
 2025-04-17 00:49:08 -05:00
David Garske
404fafd598 Merge pull request #8677 from SparkiDev/regression_fixes_17 
Regression test fixes
 2025-04-16 20:20:28 -07:00
David Garske
a66fb123b4 Merge pull request #8684 from SparkiDev/lms_max_levels_1 
LMS: fix for when WOLFSSL_LMS_MAX_LEVELS is 1
 2025-04-16 20:19:40 -07:00
David Garske
a9e2146f06 Merge pull request #8675 from SparkiDev/entropy_memuse_fix 
Entropy MemUse: fix for when block size less than update bits
 2025-04-16 20:18:22 -07:00
Hideki Miyazaki
62f7ff9ec2 fix OID collision 
fix qt jenkins failure
 2025-04-17 11:55:03 +09:00
Sean Parkinson
62f28759d8 LMS: fix for when WOLFSSL_LMS_MAX_LEVELS is 1 2025-04-17 11:19:41 +10:00
Sean Parkinson
a34284e0a2 Entropy MemUse: support for custom hi res time 
Call the custom high resolution time function when
CUSTOM_ENTROPY_TIMEHIRES is defined with the function name.
 2025-04-17 09:30:29 +10:00
Juliusz Sosinowicz
290dbaa18e wolfSSL_EVP_PKEY_cmp: only compare the public keys 2025-04-16 18:14:09 +02:00
Sean Parkinson
3ac05dea09 Regression test fixes 
dtls13.c: LowResTimer() not available when NO_ASN_TIME is defined.
api.c: Add certificate and key to use for when only Ed25519 or Ed448.
asn.c: Casts needed for g++ compile.
mem_track.c: Casts needed for g++ compile.
 2025-04-16 21:46:48 +10:00
Sean Parkinson
5e8d018ff7 Merge pull request #8659 from kojiws/improve_mldsa_priv_key_import 
Improve ML-DSA private key import and the test
 2025-04-16 18:21:00 +10:00
Koji Takeda
1646a4b274 Reflect review 2025-04-16 13:46:39 +09:00